349b4629be
Also implemented more elegant solution to allowing session auth for API routes; A new 'StartSessionIfCookieExists' middleware, which wraps the default 'StartSession' middleware will run for API routes which only sets up the session if a session cookie is found on the request. Also decrypts only the session cookie. Also cleaned some TokenController codeclimate warnings.
35 lines
772 B
PHP
35 lines
772 B
PHP
<?php
|
|
|
|
namespace BookStack\Providers;
|
|
|
|
use Auth;
|
|
use BookStack\Api\ApiTokenGuard;
|
|
use BookStack\Auth\Access\LdapService;
|
|
use Illuminate\Support\ServiceProvider;
|
|
|
|
class AuthServiceProvider extends ServiceProvider
|
|
{
|
|
/**
|
|
* Bootstrap the application services.
|
|
*
|
|
* @return void
|
|
*/
|
|
public function boot()
|
|
{
|
|
Auth::extend('api-token', function ($app, $name, array $config) {
|
|
return new ApiTokenGuard($app['request']);
|
|
});
|
|
}
|
|
|
|
/**
|
|
* Register the application services.
|
|
*
|
|
* @return void
|
|
*/
|
|
public function register()
|
|
{
|
|
Auth::provider('ldap', function ($app, array $config) {
|
|
return new LdapUserProvider($config['model'], $app[LdapService::class]);
|
|
});
|
|
}
|
|
}
|